The vulnerability of the SPL extension for the PHP programming language allows a hacker to execute arbitrary PHP code.

The vulnerability of the PHP programming language interpreter’s SPL extension relates to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary PHP code using specially created serialized data...

PHP Standard PHP Library Memory Misreference Vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and program extensions in C, C++, etc. The Standard PHP Libra...

PHP Standard PHP Library Memory Misreference Vulnerability (CNVD-2017-00067)

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and program extensions in C, C++, etc. The Standard PHP Libra...

PHP Standard PHP Library Memory Misreference Vulnerability (CNVD-2017-00068)

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and program extensions in C, C++, etc. The Standard PHP Libra...

PHP SPL Extended Integer Overflow Vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community.SPL Standard PHP Library is a collection of interfaces and class extensions for solving typical problems. SPL Standard PHP Library is an extensio...

PHP7 Unserialization Use After Free

A Use-After-Free vulnerability exists in the Standard PHP library's unserializion of array objects, due to an internal array self-reference. An attacker could exploit this vulnerability by supplying crafted input to a PHP application. Successful exploitation may result in remote execution of...

UBUNTU-CVE-2016-5771

splarray.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service use-after-free and application crash via crafted...

PHP ext/spl/spl_array.c Deserialization Memory Misreference Vulnerability

PHP is a general-purpose scripting language that can be embedded in HTML. A memory misreference vulnerability exists in the SPL deserialization implementation within PHP ext/spl/splarray.c. Submitting specially crafted serialized data can be exploited by a remote attacker to trigger the execution...

CentOS 5 / 6 : php / php53 (CESA-2014:1326)

Updated php53 and php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severi...

PHP 5.3.x < 5.3.29 Multiple Vulnerabilities

According to its banner, the version of PHP installed on the remote host is 5.3.x prior to 5.3.29. It is, therefore, affected by the following vulnerabilities : - A heap-based buffer overflow error exists in the file 'ext/date/lib/parseisointervals.c' related to handling DateInterval objects that...

PHP 5.4.x < 5.4.30 / 5.5.x < 5.5.14 Multiple Vulnerabilities

Binary data 8320.prm...

PHP 5.5.x < 5.5.14 Multiple Vulnerabilities

According to its banner, the version of PHP 5.5.x installed on the remote host is a version prior to 5.5.14. It is, therefore, affected by the following vulnerabilities : - Boundary checking errors exist related to the Fileinfo extension, Composite Document Format CDF handling and the functions...